One in three organizations (31%) has suffered one or more Distributed Denial of Service (DDoS) attacks in the last 12 months, according to independent research commissioned by Corero Network Security.

The research amongst IT directors in 300 mid-to large-sized enterprises in the UK and US also found US companies were twice as likely as those in the UK to have experienced an attack: 38% of US companies versus 18% of UK companies.

The research also revealed a much greater level of concern amongst US enterprises, reflecting the increased exposure of US companies to DDoS attack. Nearly two thirds (63%) of US IT directors said they are concerned about the threat of DDoS attack against just 29% in the UK.

Retail companies in the UK are particularly worried with more than half (52%) reporting a high level of concern about DDoS attacks. This is far higher than the concern cited by financial organizations (28%), manufacturing (11%) and other commercial sectors (7%) in the UK.

US companies across all verticals showed a heightened level of awareness and concern about attacks.

Political/ideological motivation was cited as the largest source of DDoS attack among UK companies reporting attacks, with a third blaming what is known as “hacktivism”. The different vertical markets in the UK also revealed a marked variation in the motivations behind attacks. The retail sector in the UK considers financial extortion either for fraud or to extract ransom money to be the primary intention, whilst in the finance sector, political or ideological motives are the main reasons for the attacks.

In the US, however, a competitor seeking unfair business advantage was by far the leading motivation, as unscrupulous competitors were blamed for more than half (52%) of the DDoS attacks amongst the US companies that reported being victims. In contrast, only one in five victim companies in the UK said competitors were responsible.

Whilst levels of concern about the risk of DDoS attacks varied significantly between UK and US respondents, three in five (62%) IT directors claimed to have technology in place to protect their organizations against attack. However more than half (53%) of companies surveyed were still concerned about potential attacks.

Spotlight

Microsoft Edge, the new browser in Windows 10, represents a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions.

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.